App Review

Before you switch your app to Live mode, we may need to make sure that you will be using our products and data in an approved manner. To achieve this goal, we require many apps to undergo App Review.

In general, the process involves specifying the type of data your app will be requesting from users and describing how you will use that data. Based on your submission, we may follow up and ask you to complete additional steps.

You will likely have to complete some combination of these steps. The exact combination depends on the products and features you are implementing, the type of data you are accessing, and how you will use that data.

If you switch your app to Live mode before you have been approved, you will lose access to all data including that of your app, test users, test pages, and app developers and app admins.

Who Needs App Review?

The easiest way to determine if your app will need review is to refer to the product documentation for each product you are implementing. Each documentation set should contain a requirements or app review section which lists the app review steps you will have to complete, as well as any special requirements that are not part of app review.

When To Submit

You can begin the review process at any time, and you can edit your submission before it is reviewed, but we recommend that you begin a submission only after you have thoroughly tested your app in development mode and you are ready for release. If your app has already gone through App Review and has been approved for specific products, changing product settings or adding new products, permissions, or features, may require you to complete the review process again.

Note that if your app is in Live mode and you want to add new permissions, features, or products, follow our App Review for Live Apps guidelines which will help with submission.

How To Submit

Click it and you should see an interface to begin the process. Keep in mind that some products require Product Review, which you can access and submit from each product's tab in the dashboard. You can submit both general app review and product-specific review at the same time.

How Long Does It Take?

It typically takes us less than one week to process your submission, and often takes only 2–3 days, but may take longer during peak periods. Please note that due to recent changes to the review process and the high volume of submissions, it may take several weeks for submitted apps to complete the review process.

Additional Verification

After you submit your app for review, we may ask you to verify your identity as a business or as an individual. To do this, we will send an alert to your App Dashboard Inbox. The alert will contain a link that begins the verification process.

Sample Submissions

To give you a better idea of what the submission process looks from beginning to end, we've created a set of sample submissions for commonly used products and APIs.

Common Rejection Reasons

We recommend that you read our common rejection reasons document before beginning the review process so you can avoid common mistakes that will cause your submission to be rejected.

App Review

This is our general review process which many apps must go through before they can be made public. You begin the process in the App Review section of your App Dashboard. You will be prompted to select from a list of Login Permissions and Features, and to describe and possibly show us how you will use that data.

My Permissions and Features

Anytime you start a new app review submission, you will see your approved permissions and features. Any newly approved permission and features will appear here.

The default and email permissions are pre-approved. These are the only permissions that do not require app review. All other login permissions and features in the app review submission interface require app review.

Note that some product-specific permissions, which you can request through Product Review, do not appear here.

Login Permissions and Features

Login permissions allow app Users to grant an app access to specific types of data, so you should only select permissions that correspond to the type of data that your app will need. For example, if your app allows Users to see videos they've uploaded to their timelines, you would include the user_videos permission in your submission.

All login permissions displayed in the interface require review, and you must provide details and screencasts explaining how you will use the data that they provide access to.

All features require review. Features correspond to specific functionality, products, or APIs. When you select a feature, it will list any login permission that you may need to include in your submission. We also recommend that you read each product's documentation set for detailed App Review instructions.

Details

Before you can submit for approval, you will be asked to describe how you will use the data provided by each permission or feature. If you set up Test Users to test these permissions or features, it's a good idea to include their login credentials with your submission.

Give a thorough explanation of how your app uses each permission. Try using these questions as a starting point:

How will granting this permission help the people using your app?

Why do you need this permission?

How will your app use the data it receives from Facebook?

How does your app use the permission?

Why would your app be less useful if it did not have this permission?

Be very specific.

Screencast

Some permissions and features require a screencast that demonstrates how your app will use the data (or for apps that have no UI, how the data will ultimately be used). We recommend that you use dedicated screencast software in order to capture your screencast. Avoid using a mobile device's camera to record the screen of another device that shows your app flow.

If your app has no user interface and interacts directly with our APIs, refer to our Server-to-Server Apps document for guidelines when providing details.

Onboarding Terms

When you submit your app for review, you will be asked to agree to our onboarding terms, which define basic acceptable usage.

Product Review

Some products, such as Messenger and Instagram, require specialized review steps. When you add any of these products, their product tab will appear in your app's dashboard and include an app review section that lists any specialized permissions and instructions.

Product review is independent of general app review, so in order to submit for product review, you must begin your submission from within the respective product's tab.

Business Verification

Business verification is a process that allows us to verify your identity as a business entity, which we require if your app will be accessing sensitive data. If you are a developer for a business and your app has been approved for permissions and features related to the products below, you will receive an alert in your App Dashboard Inbox asking you to verify your business. Your app will be prevented from using any approved permissions and features related to the products below while in Live mode until you complete the business verification process.

Business verification applies to your developer account, so it affects all of your apps. Once you submit an app for review that requires business verification, all of your existing apps and any new apps will be flagged as requiring business verification, and they will inherit your verification status. This could adversely affect older apps that are already approved for permissions that now require business verification. If your app has access to a permission that did not require business verification when it was approved, yet your business does not pass business verification, the app will no longer be able use those permissions until you pass.

Business Verification Process

You can begin the Business Verification process using the link in your App Dashboard Inbox alert, or within the App Dashboard's Settings > Basic tab.

Once connected, clicking any of the verification links or buttons will take you to the Business Manager's Business Settings > Business Info tab. From there, navigate to the Security Center and click Start Verification.

If we can locate your business details via our trusted 3rd party data sources, we will ask you to confirm your association with the business via email or phone. If we cannot locate your business details, you may need to submit additional documentation to complete the business verification process.

If you submitted documentation, but are still having issues getting verified, you may need to submit additional documentation. If you are unable to provide this extra information within 1 week, you'll need to start the process again.

Individual Verification

Due to coronavirus (COVID-19), we have temporarily paused Individual Verification to focus our reviewers on efforts that help keep people informed and safe. We know this review step is important and will resume it as soon as we can. Visit our blog post to learn more about this issue.

If you are a non-business developer and your app has been approved for permissions and features related to the products below, you will receive an alert in your App Dashboard Inbox giving you the option to complete Individual Verification instead of Business Verification. Individual Verification is a process that allows us to verify your identity as an individual as opposed to a business, which we require if your app will be accessing sensitive data.

You can begin the Individual Verification process by following the link in your App Dashboard Inbox alert, by clicking the Go to Verification button in the App Dashboard's Settings > Basic tab, or by going to developers.facebook.com and navigating to My Apps > Developer Settings.

Once there, click Individual Verification.

Your app will be prevented from using any approved permissions and features related to the products below while in Live mode until you complete the Individual Verification process.

Supplemental Terms

If we need you to agree to supplemental terms, we will ask you to provide an email address for a Business Signatory. We will email the signatory a link to a site displaying our Supplemental Terms for Extended Platform Products. The signatory can use the site to agree to the terms, after which we will email the signatory a copy of the agreement.

Tech Provider Amendment

If you are a business that will use our APIs and data to serve other businesses, during Business Verification you will be asked to provide an email address for a Tech Provider Signatory. We will email the signatory a link to our Tech Provider Amendment, which contains heightened provisions on data use policies. The signatory must sign this amendment, which can be done through Adobe Sign.

End-Business Verification

If you are using our APIs or data to provide service to other businesses, we will require you to share with us who your customers are. We will announce a solution to help you with this soon. If your customers access large scale User data through your app, we may have additional requirements for them to complete.

Guidelines

Sample Review

App Review for Live Apps

While in Development mode, apps are automatically approved for all login permissions, features, and product-specific features. This allows you to test new functionality and create screencasts, which you can include in your eventual app review submission.

Once you switch your app to Live Mode, however, your app can only use permissions and features that it has been approved for. This means you will be unable to test or create screencasts that demonstrate usage of any unapproved permissions or features.

Although you can solve this problem by switching your app back to Development mode, we recommend that you instead create a Test App and use it to test and capture screencasts of any new permissions and features. When you resubmit your Live app for review, include the test app's ID in any permission or feature usage details.